Honestly? I know this isnt what youre going to want to hear, but security through obscurity. no one else knows what port the servers on, and its not accessible from anything outside of the internal network. if your solr install can be accessed from an external IP you have much larger issues.
On Mon, Mar 16, 2020 at 10:44 AM Ryan W <rya...@gmail.com> wrote: > How do you, personally, do it? Do you use IPTables? Basic Authentication > Plugin? Something else? > > I'm asking in part so I'l have something to search for. I don't know where > I should begin, so I figured I would ask how others do it. > > I haven't been able to find anything that works, so if you can tell me what > works for you, I can at least narrow it down a bit and do some Google > searches. Do I need to learn Solr's plugin system? Am I starting in the > right place if I follow this document: > > https://lucene.apache.org/solr/guide/7_0/rule-based-authorization-plugin.html#rule-based-authorization-plugin > > Initially, the above document seems far too comprehensive for my needs. I > just want to block access to the Solr admin UI, and the list of predefined > permissions in that document don't seem to be relevant. Also, it seems > unlikely this plugin system is necessary just to control access to the > admin UI... or maybe it necessary? > > In any case, what is your approach? > > I'm using version 7.7.2 of Solr. > > Thanks! >
